mc/metacrypt
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
40 Commits 1 Branch 4 Tags
5c5d7e184ee2f0ecf688517d7bdcbce45dfc68e9
Commit Graph

2 Commits

Author SHA1 Message Date
Kyle Isom
5c5d7e184e Fix ECDH zeroization, add audit logging, and remediate high findings 
- Fix #61: handleRotateKey and handleDeleteUser now zeroize stored
  privBytes instead of calling Bytes() (which returns a copy). New
  state populates privBytes; old references nil'd for GC.
- Add audit logging subsystem (internal/audit) with structured event
  recording for cryptographic operations.
- Add audit log engine spec (engines/auditlog.md).
- Add ValidateName checks across all engines for path traversal (#48).
- Update AUDIT.md: all High findings resolved (0 open).
- Add REMEDIATION.md with detailed remediation tracking.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-03-17 14:04:39 -07:00
Kyle Isom
8215aaccc5 Add grpcserver test coverage 
- Add comprehensive test file for internal/grpcserver package
- Cover interceptors, system, engine, policy, and auth handlers
- Cover pbToRule/ruleToPB conversion helpers
- 37 tests total; CA/PKI/ACME and Login/Logout skipped (require live deps)

Co-authored-by: Junie <junie@jetbrains.com>
 2026-03-15 13:07:42 -07:00